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Appl. No. 09/892,490 
Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1. (Currently amended) A method of managing assertions comprising the steps of; 

selling a pool of unallocated time available for assertions; 

upon request, generating an assertion between a name and a public key, the 
assertion having a lifetime, during which the assertion is usable to provide an indication that the 
public key is associated with the name, and subtracting the lifetime from the unallocated time; 
and 

upon request, revoking an assertion and adding any remaining lifetime of the 
assertion to the unallocated time ; and 

eroding the unallocated time over time, bv subtracting additional time fro m the 
unallocated time independently of subtracting the lifetime of the assertion from the unallocated 
time, to thereby prevent the unallocated time from being maintained indefi nitely, 

2. (Cancelled) 

3. (Currently amended) A computer implemented system for managing assertions between 
names and public keys, the system comprising: 

a repository containing an unallocated time, the unallocated time indicating an 
amount of time available for assertions; 

a client interface; 

a purchase component opemtively coupled to the client interface and to the 
repository, and adapted to add a bulk lifetime requested through the client interface to the 
unallocated time; 
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a request component operatively coupled to the client interface and to the 
repository, and adapted to, upon generation of an assertion between a name and a public key, the 
assertion having a lifetime requested through the client interface, deduct the requested lifetime 
from the unallocated time; and 

a revocation component operatively coupled to the client interface and to the 
repository and adapted to, upon revocation of an assertion having a remaining lifetime, add the 
remaining lifetime to the unallocated time, 

wherein at least one of the repository, the client interface, the purchase 
component, the request component, and the revocation component comprises a hardware 
component^and 

wherein the unallocated time is eroded over time, bv deducting additional time 
from the unallocated rime independently of the re q ue st component d educting the requested 
lifetime from the unallocated time, to the reby prevent the unallocated time from being 
maintained indefinitely . 

4. (Original) The system of claim 3 wherein each assertion is a public key certificate. 

5. (Original) The system of claim 3 further adapted to: 

monitor when the unallocated time falls below a threshold, and 
notify a user associated with the unallocated time if the unallocated time falls 
below the threshold. 

6. (Previously Presented) The system of claim 3 wherein the request component determines 
whether the requested lifetime is greater than the unallocated time, and if the requested lifetime is 
greater than the unallocated time, presents a user associated with the unallocated time with a set 
of options for remedying the insufficiency of the unallocated time* 

7. (Currently amended) A processing platform implemented method comprising the computer 
implemented steps of: 
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maintaining an unallocated time, the unallocated time being time available for 
assertions between a name and a public key; 

accepting a request for an assertion between a name and a public key and a 
requested lifetime during which the assertion is usable to provide an indication that the public 
key is associated with the name; 

determining whether the unallocated time is greater than or equal to the requested 

lifetime; and 

upon determining that the unallocated time is greater than or equal to the 
requested lifetime, deducting the requested lifetime from the unallocated timeiand 

eroding the unallocated rime over tim e, bv deducting additional time from the 
unallocated tim« indenendentlv of deducting the requested lifeti me from the unallocated time, to 
thereby prevent the unallocated time from bei ng maintained indefinitely. 

8. (Previously Presented) The method of claim 7 comprising the further step of forwarding the 
request for an assertion to an entity responsible for generating assertions where the unallocated 
time is greater than or equal to the requested lifetime. 

9. (Original) The method of claim 7 wherein the assertion is a public key certificate. 

10. (Cancelled) 

1 1 . (Currently amended) A processing platform implemented method comprising the computer 
implemented steps oft 

maintaining an unallocated time, the unallocated time being time available for 
assertions, between a name and a public key; 

identifying, from a request for revocation, an assertion between a name and a 
public key to be revoked, the assertion having a remaining lifetime during which the assertion is 
usable to provide an indication that the public key is associated with the name; a*d 

adding the remaining lifetime to the unallocated timeiafid 
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eroding the unallocated time ^ time, bv de ducting additional time from the 
unallocated time i nde pendently of d «huW a lifetime of an assertion from the unallocated tim e, 
to thereby prevent the unallocated time from being maintained in definitely , 

12 . (Original) The method of claim 1 1 wherein the assertion is a public key certificate. 

13. (Cancelled) 

14. (Currently Amended) An article of manufacture comprising a computer-readable storage 
medium, the computer-readable storage medium containing instructions for: 

generating an entry in a repository, the entry including an unallocated time 
available for assertions; 

receiving a request for a purchase of bulk lifetime; 

adding the bulk lifetime to the unallocated time in the event that a request for a 
purchase of bulk lifetime is received; 

receiving a request for an assertion and a requested lifetime, the assertion being 
between a name and a public key; 

deducting the requested lifetime from the unallocated time in the event that a 
request for an assertion is received; 

receiving an identification of an assertion to be revoked, the assertion having a 
remaining lifetime; and 

adding the remaining lifetime to the unallocated time in the event that an 
identification of an assertion to be revoked is received; and 

erodinp the unallocated time over time, bv ded ucting additional time from .the 
unallocated time independently of deducting the requested lifeti me from th e unallocated time Jo 
thereby prevent the unallocated time from being maintained indefinitely. 
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15. (Currently amended) A computer implemented system for allocating assertions comprising: 
for allocating a pool of unallocated time available for assertion validity; 



means 



a client interface; 

means for processing a request received through the client interface for an 
assertion between a name and a public key, the assertion having a lifetime, the means for 
processing the request being operatively coupled to the client interface and to the means for 
allocating, and subtracting the lifetime from the unallocated time; aad 

means for processing a revocation of an existing assertion, the means for 
processing the revocation being operatively coupled to the means for allocating, and determining 
any remaining lifetime of the existing assertion and adding at least a portion of the remaining 
lifetime of the assertion to the unallocated time; and 

means for eroding the unallocated time over time^ thc means for eroding the 
unallocated time being onerativelv coupled t o the means for allocating, and subtracting additional 
time from the unallocated time independently of the means for processing a request subtracting 
the lifetime from the unallocated time, to thereby prevent the unallocated time from being 
maintained indefinitely, 

wherein at least one of the means for allocating, the client interface, the means for 
processing a request, aad the means for processing a revocation, and the means for eroding the 
unallocated time comprises a hardware component, 

16. (Previously Presented) The system of claim 15 further comprising: 

means for monitoring when the unallocated time falls below a threshold, and for 
notifying a user associated with the unallocated time if the unallocated time falls below the 
threshold. 

17, (Currently Amended) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute a method comprising: 

selling a pool of unallocated time available for assertions; 
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upon request, generating an assertion between a name and a public key, the 
assertion having a lifetime, and subtracting the lifetime from tbe unallocated time; mad 

upon request, revoking an assertion and adding any remaining lifetime of the 
assertion to the unallocated timeL^d 

eroding the unallocated time o ver time, bv subtracting additional time from the 
..nnllncaLed time mdenendendv of -iMractinft the lifetime of the assertion from the unallocated 
rim e r to thereby prevent the unallocated time from being maintained indefinitely. 

18. (Cancelled) 

19. (Previously presented) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute the method of claim 7. 

20. (Previously presented) A computer readable medium having instructions stored thereon for 
execution on a processing platform to execute the method of claim 9. 

21. (Cancelled) 
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